On 23/09/2023 14:35, Dale wrote:
Another question. Are people trying to work on better encryption given
current encryption can be cracked? I read some things changed after
Snowden. I'm just not sure what and if more changes are needed even
today.
If you wanted the most secure and hard to crack encryption, what
would you use? How does one tell cryptsetup to use it? I have several
encryption options here but no idea what is the best or even just good.
If you want encryption that can't be cracked, go for RSA. It's uncrackable.
Now you might be wondering why I say that, given that is a simple,
well-known attack, but it's true. You can trick me into encoding as much
plain text as you like, where you can intercept the cipher text, and you
will not be able to crack the cipher itself. What you need to do is get
hold of ONE of my key-pairs. The public one of course is usually freely
available, and if you get hold of the private one it's game over.
You can then mathematically solve "the puzzle of the keys" from my
public pair and recover the private key. This is why RSA keys keep
getting bigger - it takes more and more brute force to solve.
I don't know enough about ECC - do you crack it or solve it?
Both these ciphers however have a massive weakness - make a mistake
setting them up and the solution becomes easy. RSA relies on multiplying
two huge primes together. Dunno what ECC relies on. If one of your RSA
primes is not, in fact, prime then factoring the huge product becomes
easy, and recovering all the keys built from it is simple.
ECC specifies various parameters, and the official standard ECC
parameters were discovered to contain a flaw. Was that an intentional
back door? It's thought it was an accident.
But I think cryptographers have abandoned crackable ciphers now - if
it's crackable then it's easily crackable. And all other ciphers simply
rely on the asymmetric effort taken to create a key or solve a key.
Cheers,
Wol
